Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/483a68-08e7-4f90-9fd9-ff4a2b85889c/1/oatIvXhngUAPPG-0OQ-g7l6MzLI.roa
File: oatIvXhngUAPPG-0OQ-g7l6MzLI.roa (raw, json)
Hash identifier: zvBLCDcSrcKX9rXOU9ohvYRdpMfvjHvsRmNtMvctGcs=
Subject key identifier: A1:AB:48:BD:78:67:81:40:0F:3C:6F:B4:39:0F:A0:EE:5E:8C:CC:B2
Certificate issuer: /CN=a90dc475029e1d793355978ba46bf873065564b1
Certificate serial: 018BAE32F5BC6BF300FF13DF2B8314970F5A
Authority key identifier: A9:0D:C4:75:02:9E:1D:79:33:55:97:8B:A4:6B:F8:73:06:55:64:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qQ3EdQKeHXkzVZeLpGv4cwZVZLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/483a68-08e7-4f90-9fd9-ff4a2b85889c/1/oatIvXhngUAPPG-0OQ-g7l6MzLI.roa
Signing time: Wed 08 Nov 2023 09:10:57 +0000
ROA not before: Wed 08 Nov 2023 09:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41953
IP address blocks: 91.196.153.0/24 maxlen: 24
2a13:6440::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:32:f5:bc:6b:f3:00:ff:13:df:2b:83:14:97:0f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a90dc475029e1d793355978ba46bf873065564b1
Validity
Not Before: Nov 8 09:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1ab48bd786781400f3c6fb4390fa0ee5e8cccb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:2f:da:72:90:8f:86:04:71:83:e0:7c:bc:
51:d0:f5:ae:06:8f:00:19:0e:5f:53:a5:17:d3:8f:
8f:cd:25:51:bb:c6:dd:07:2b:5f:93:4e:e0:99:ca:
f4:01:db:d4:98:71:ef:3f:5e:65:e7:7f:a5:64:79:
c5:b6:4c:ac:76:41:9d:0f:87:ac:b6:ed:4f:d2:94:
b2:f5:ed:ff:f9:76:d6:c9:55:60:49:ab:ee:95:d4:
27:48:67:67:f3:3c:48:04:02:8e:e4:10:9b:f1:1f:
4d:d6:76:9c:32:59:9f:cb:46:d6:ec:6e:14:48:d7:
9e:cf:18:25:36:5f:82:b1:c9:b6:8d:e9:47:f3:48:
0e:60:82:c9:df:b4:40:97:62:cc:31:20:62:d2:c8:
41:a4:bd:8c:50:3c:fd:85:4e:3b:cf:ab:6f:9f:11:
29:22:50:33:77:8d:d9:45:b3:60:f2:a6:07:cf:71:
23:6b:37:ab:f7:45:cc:1f:d7:a8:45:81:a5:8f:63:
ce:ca:86:aa:8f:7f:b7:09:d4:72:cb:f4:77:65:a7:
fa:9a:52:01:db:2f:34:b3:04:2d:95:48:26:14:0c:
e3:15:f1:a9:94:ad:27:36:51:05:3f:3c:34:b3:8a:
a0:6f:25:4c:51:fb:94:26:90:90:37:04:40:b6:1c:
39:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AB:48:BD:78:67:81:40:0F:3C:6F:B4:39:0F:A0:EE:5E:8C:CC:B2
X509v3 Authority Key Identifier:
keyid:A9:0D:C4:75:02:9E:1D:79:33:55:97:8B:A4:6B:F8:73:06:55:64:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ3EdQKeHXkzVZeLpGv4cwZVZLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/483a68-08e7-4f90-9fd9-ff4a2b85889c/1/oatIvXhngUAPPG-0OQ-g7l6MzLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/483a68-08e7-4f90-9fd9-ff4a2b85889c/1/qQ3EdQKeHXkzVZeLpGv4cwZVZLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.153.0/24
IPv6:
2a13:6440::/29
Signature Algorithm: sha256WithRSAEncryption
6e:a9:aa:ee:af:ad:51:a4:ed:4e:5e:11:0b:da:88:68:53:1b:
4e:d2:31:96:d7:9e:7b:d4:b5:f3:09:42:36:d9:21:cc:49:e5:
64:cc:87:8a:fd:d4:1a:69:e4:af:26:da:d3:ca:83:28:a3:41:
85:e1:34:e4:4b:eb:ee:ae:9e:1c:30:9d:cf:ca:3a:31:26:fa:
18:69:8b:44:0f:b2:ed:bb:70:d0:3f:b5:b2:5b:57:e7:fe:fc:
ef:bd:47:9b:70:71:06:ea:a1:7f:b3:5a:ad:f5:5d:ab:8d:52:
91:f6:2b:76:0f:f1:78:fd:5e:e3:6b:a5:54:0b:49:f5:f1:aa:
b2:99:c1:8d:16:6d:43:0d:e2:9f:e2:b6:ae:32:b4:03:b7:3f:
2f:0a:75:1e:c7:b3:35:6e:9a:4e:e0:90:96:cf:ba:ad:df:e3:
a2:00:b1:06:de:3d:7e:8a:48:79:79:e5:78:84:94:cb:c6:9b:
70:6d:90:aa:ab:35:46:3d:a4:28:c8:51:a5:75:76:01:bb:7b:
e1:94:dc:b8:29:11:fe:42:25:74:1c:3f:39:58:43:08:37:8c:
12:33:03:ae:5f:8e:2f:f5:04:67:8d:f0:d0:db:fa:d7:f3:c8:
91:80:5f:d0:6f:a2:8d:49:41:89:2a:0f:ef:6a:6a:29:2b:08:
5e:12:28:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuuMvW8a/MA/xPfK4MUlw9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGRjNDc1MDI5ZTFkNzkzMzU1OTc4YmE0NmJmODczMDY1
NTY0YjEwHhcNMjMxMTA4MDkxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFiNDhiZDc4Njc4MTQwMGYzYzZmYjQzOTBmYTBlZTVlOGNjY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDQv2nKQj4YEcYPgfLxR0PWuBo8A
GQ5fU6UX04+PzSVRu8bdBytfk07gmcr0AdvUmHHvP15l53+lZHnFtkysdkGdD4es
tu1P0pSy9e3/+XbWyVVgSavuldQnSGdn8zxIBAKO5BCb8R9N1nacMlmfy0bW7G4U
SNeezxglNl+Cscm2jelH80gOYILJ37RAl2LMMSBi0shBpL2MUDz9hU47z6tvnxEp
IlAzd43ZRbNg8qYHz3Ejazer90XMH9eoRYGlj2POyoaqj3+3CdRyy/R3Zaf6mlIB
2y80swQtlUgmFAzjFfGplK0nNlEFPzw0s4qgbyVMUfuUJpCQNwRAthw5EwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKGrSL14Z4FADzxvtDkPoO5ejMyyMB8GA1UdIwQY
MBaAFKkNxHUCnh15M1WXi6Rr+HMGVWSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVEzRWRRS2VIWGt6VlplTHBHdjRjd1pWWkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80ODNhNjgtMDhlNy00ZjkwLTlmZDkt
ZmY0YTJiODU4ODljLzEvb2F0SXZYaG5nVUFQUEctME9RLWc3bDZNekxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80ODNhNjgtMDhlNy00ZjkwLTlmZDktZmY0YTJiODU4ODlj
LzEvcVEzRWRRS2VIWGt6VlplTHBHdjRjd1pWWkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8SZMA0E
AgACMAcDBQMqE2RAMA0GCSqGSIb3DQEBCwUAA4IBAQBuqarur61RpO1OXhEL2oho
UxtO0jGW15571LXzCUI22SHMSeVkzIeK/dQaaeSvJtrTyoMoo0GF4TTkS+vurp4c
MJ3PyjoxJvoYaYtED7Ltu3DQP7WyW1fn/vzvvUebcHEG6qF/s1qt9V2rjVKR9it2
D/F4/V7ja6VUC0n18aqymcGNFm1DDeKf4rauMrQDtz8vCnUex7M1bppO4JCWz7qt
3+OiALEG3j1+ikh5eeV4hJTLxptwbZCqqzVGPaQoyFGldXYBu3vhlNy4KRH+QiV0
HD85WEMIN4wSMwOuX44v9QRnjfDQ2/rX88iRgF/Qb6KNSUGJKg/vamopKwheEij0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:44 2024 by rpki-client on console-fra.rpki-client.org